| > That's not how things work. Canonical and RedHat collaborate technically by improving parts of the system as necessary. Things are enabled or not based on market requirements. Umm, but your ability to offer useful confinement literally hinges on this since you don't want to do anything else... So, you'd have to do something to get Red Hat to consider enabling it. Otherwise you're stuck with nothing for Snappy on the most commonly used Linux distribution platform in the commercial space. >> What about helping to maintain AppArmor support in Fedora?
> Canonical already does that by working to upstream the patches. That helps Fedora and everybody else too. It doesn't help Fedora at all today, since there is no AppArmor support in the distribution. The user-space tools aren't in there, and the kernels shipped by Fedora do not have AppArmor enabled. So, no, I can categorically say you are wrong there. > Well, no need to guess.. there are open discussions about it. Really? Because I searched, and outside of John Johansen's wishful thinking presentations, I've seen no evidence of anyone talking about it seriously. If anything, I've heard people say John is crazy for thinking that this is a reasonable idea. Care to offer some proof to the contrary? Who knows, you might be right! It seems that the LSM mailing list has no functioning archive, so there could be something there that says otherwise. > For legal reasons that are not unique to Canonical we do require a pretty straightforward CLA to be signed. No other major Linux company requires one. Not Red Hat. Not SUSE. |